Hacker News
by evolveyourmind 1744 days ago
Meaning 40% of the code on GitHub is insecure
2 comments

No. It means that when c = f(a, b), where a and b are secure, and you have no clue what f does, it might still be the case that c is insecure.
You could train a model on purely secure code and still have it combine it in insecure ways.
And the other way around.
I guess the question really is how many ways are there to do it wrong, and how many ways are there to do it right?